-
X-CUBE-SBSFUExpansion software for STM32CubeSecure boot & secure firmware update
-
In the News 2
http://fortune.com/2016/03/29/hack-printers-internet-of-things/http://fortune.com/2016/03/29/hack-printers-internet-of-things/http://hackaday.com/2016/07/26/root-on-the-philips-hue-iot-bridge/http://hackaday.com/2016/07/26/root-on-the-philips-hue-iot-bridge/http://arstechnica.com/security/2016/01/how-to-search-the-internet-of-things-for-photos-of-sleeping-babies/http://arstechnica.com/security/2016/01/how-to-search-the-internet-of-things-for-photos-of-sleeping-babies/http://www.techrepublic.com/article/iot-and-liability-who-pays-when-things-go-wrong/http://www.techrepublic.com/article/iot-and-liability-who-pays-when-things-go-wrong/http://www.itpro.co.uk/security/27013/osram-smart-lighting-flaw-lets-hackers-breach-home-wi-fihttp://www.itpro.co.uk/security/27013/osram-smart-lighting-flaw-lets-hackers-breach-home-wi-fihttp://www.channelnomics.eu/channelnomics-eu/analysis/2466253/why-the-next-big-data-breach-could-come-from-the-heatinghttp://www.channelnomics.eu/channelnomics-eu/analysis/2466253/why-the-next-big-data-breach-could-come-from-the-heating
-
Today’s Connected World 3
65%
Operating system based solutions
20 Billion
-
Our concern for tomorrow 4
48 Billion
Embedded solutions
65%
-
What will embedded solutions protect ? 5
• Their ServicesWhat the end customer pays
• Their NetworksAvoid DoSProvide quality/reliability
• Their BrandWhat we sell every day !
Node Gateway Cloud
-
Secure BootR
oot of TrustCategories of attacks 6
• Logical attack From outside the box
• Board-level attack From inside the box
• Chip-level attack From inside the chip
Today 95 % IOT attacks
Cloningattacks
Logical• Local or remote• Open ports• SW Bugs• Debug I/Fs• Etc.
Cost and expertise of attack materials
Board-level• Memory probing• « Mod-chips »• Fault injection• Side-channels• Etc.
Chip-level• Probing• Laser• FIB• Reverse Eng.• Etc.
-
Secure Boot / Root of Trust Target• Immutable Secure Boot code
• Executed first at reset
• Verify the platform integrity• Clock settings• Register configurations• Memory Protection, ….
• Launch Root of Trust services• Authentication of code• Uses cryptographic keys and
encryption functions
7
Secure Boot
Code
Reset
Trusted
First stageLoader
Code Cert.
Second StageApplication
Code Cert.
Authenticates
Authenticates
-
Root of Trust General Process stored in the device• Performed at each RESET, using a Key
• It is a predictable process
8
Trusted
Code Authentication
Stored Certificate
MAC Function
Calculated Certificate
Compare
OK
NOK
Reload
Run Code
SBRoTReset
Appli Stage X
+
File
Code Image
-
Current Market approach• Not a single standardized Secure Boot / Root of Trust model
9
SBRoT 1
Reset
Stage Xapplication
SBRoT 2
Reset
Stage Xapplication
SBRoT n
Reset
Stage Xapplication
Industrial
LPWAN
NB IOT
SBRoT x
Reset
Stage Xapplication
SBRoT y
Reset
Stage Xapplication
SBRoT z
Reset
Stage Xapplication
Cloud
Metering
…
-
How to support such approach• Embedded ROMed code
• ST proposal• Allow Industries to develop their own Secure Boot / Root of Trust method• Propose a way to securely load it into the STM32• Propose a way to isolate and securely execute it within STM32
10
SB / RoT approach feasibility remarks
One code on all STM32 May not be market acceptable
Multiple code on STM32 Diversify productsIncrease development, qualification, certification, cost
-
Secure Firmware Update 11
Communication Device
Sensor
MCU
Server
Firmware
Firmware
Symmetric Key
Developer
Data File
Firmware
MCUServer Communication Encrypted File
Data FileData File
Cloud • Server sends FW update
• Device receives, stores newFW update and executes it
Data File
-
Secure Firmware Update
• Complete process performed in a secure way
• Prevent Unauthorized updates
• Access to secret code and key
• Access to confidential on-device data
• Developed in several software modules
12
-
SBSFU software package overview• Secure Boot (SB) module
• Execution with Root of trust service
• Application authentication and Integrity check before execution
• Secure Firmware Update (SFU) module• Detect new FW version to install
• From local download service• Pre-downloaded OTA via User application from previous execution…
• Manage FW version (check unauthorized updates or unauthorizedinstallation)
• Secure FW update:• FW Authentication and Integrity check• FW decryption• FW installation
• In case of any error occurring during new image installation,possibility to rollback to the previous valid version…
• Execute new installed FW (once Authenticated and integritychecked)
13
• Secure Engine (SE) module• Code isolated from main Firmware Secure
execution
• Dedicated to executing cryptographicalgorithms
• Manage secure key storage
-
Secure Firmware Update Process• Performed when a new firmware update is available by the using a
public key stored in the device
• Each new firmware update is authenticated before being installed
14
Code Authentication
Keyed-Hash Value
MAC
Calculated Value
Compare
OK
NOK
Reject
Install CodeClear TextDecryption
+
Data FileEncrypted File
Data File
Clear Text
-
Foundation of Trust
Security Layering• MCU Security Features
• Used to establish a robust platform on which trusted processes and associated cryptographic functions can be performed
• Cryptographic Functions• Preserve confidentiality, verify integrity, authenticity
• Secure Boot (SB) and Secure Firmware Update (SFU)
• Establishing a Root-of-Trust• Building a system that can evolve to counter new
threats, add new functionality, fix bugs in a controlled and secure way once the device is in the field
15
Application• Features / Services • Communication (TLS)
MCU Security FeaturesRDP WRP MPUPCROPFirewall
Cryptographic functions• Confidentiality, Integrity, Availability
Security Services• Secure Boot, Secure Firmware Update
-
Security
• Proprietary code Read Out Protection (PcROP)
• Readout Protection (RDP)• Level 0: no readout protection• Level 1: memory readout protection• Level 2: chip readout protection
• Specific configurable area• 1 each per Flash memory bank
• Write protection (WRP)• 1 each per Flash memory / SRAM
sector
Flash memory code and registers (+ SRAM2 in L4) cannot be dumped through JTAG/SWD or by the CPU itself booted from other memories than internal Flash
Flash memory code is only executable, cannot be read and dumped by the CPU
Flash memory code is protected from unwanted write/erase operations
16
STM32 Static Protections
-
SecuritySTM32 Dynamic Protections
• Firewall• Code or data protection in Flash memory
or SRAM
• MPU• Memory isolation• Hard-fault or core lock-up in case of
violation
• Backup domain and Anti-Tamper• Independent voltage• RTC, Backup SRAM• Tamper detection pin
Single call-gate interfaceTrusted execution regionIdeal to protect sensitive function and IPfrom the rest of the application
Detection of tamper eventReset of all backup registerTime stamp event
Read, Write, eXecute attribute per region Prevent stack overflows System protection against unintended modification
17
-
SBSFU-based product architecture overview 18
-
Security Mindset / Security • First, know what you want
• What do you want to protect ?• What do you want to protect it against ?
• Then look at how to protect it
• Examine the protection we justadded
• Is it fully protecting?• Is it adding some weakness• Does it requires additional elements to
protect
19
Look at allthe elementsof the system
Incrementalprocess
michael millerCross-Out
-
Protecting The Chain Of Trust 20
RDP–L2
• Disable external access• Protect boot options• Lock Option bytes
• WRP• PCROP
• Protect the codeenabling the MPU/Firewall
• Protect the codeconsidered trusted
• Protect part of theFlash memory
WRP PCROP
Trust
Firewall
• Protect RAMand Flashmemory atruntime
Trust
TrustCrypto
• Verify the integrityand authenticity ofthe userapplication
MPU
• Execution allowedonly inside thechain of trust
Trust
SB / SFU
Trusted
-
SBSFU covered use cases• Industrial Firmware Update
• Usually performed by a human• Requires a physical connection between the updater tool and the MCU
• UART, SPI, USB, ….. Wired connection• Able to stop the application running during the update• In case of update error, retry is manually managed
• Over The Air Firmware Update (FOTA)• Stand alone update operation• Uses device connectivity to receive and manage the update
• Wi-Fi, LPWAN, BT/BLE, ….• Running application manages its own firmware update• Retry may be difficult to support
21
-
SBSFU : 2 implementations
• 1) Non isolated modules• Secure Boot and Secure Firmware Updates form a single immutable code protected
the same way• It includes cryptographic and SFU keys• Introduce Root of Trust protection mechanism into STM32
• 2) Isolated modules• Secure Boot module is immutable code• Secure Engine is isolated from rest of code• Secure Firmware Update includes Root of Trust verification runtime code
22
-
SBSFU roadmap on STM32 23
-
SBSFU package now available for STM32L4 series
• X-CUBE-SBSFU expansion software available from ST website• www.st.com/x-cube-sbsfu
24
http://www.st.com/x-cube-sbsfu
-
Recommendations• Reduce risk
• Ensures products are strengthened against attacks throughout their entire lifetime
• Understand the value of your assets• Perform threat analysis• Confidentiality, availability and integrity are key
• Use good design practices to develop and maintain secureproducts
• Use security features and tools to achieve robust products• Work with trusted and experienced partners
25
-
Releasing Your Creativity 26
www.st.com/stm32trust/STM32 @ST_World ST community
https://www.facebook.com/pg/STM32/about/?ref=page_internalhttps://community.st.com/s/topic/0TO0X000000BSqSWAW/stm32-mcushttps://twitter.com/st_world
X-CUBE-SBSFU �software expansion for STM32Cube �Secure boot and secure firmware update In the NewsToday’s Connected WorldOur concern for tomorrowWhat embedded solutions shall protect ?Categories of attacksSecure Boot / Root of Trust TargetRoot of Trust General ProcessCurrent Market approachHow to support such approachSecure Firmware UpdateSecure Firmware UpdateSBSFU software package overviewSecure Firmware Update ProcessSecurity LayeringSecuritySecuritySBSFU Based product architecture overviewSecurity Mindset / Security Protecting The Chain Of TrustSBSFU covered use casesSBSFU : 2 implementationsSBSFU roadmap on STM32SBSFU package now available �for STM32L4 seriesRecommendationsReleasing Your Creativity